Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] proftpd and port forwarding
  • From: Bastian Friedrich <bastian@xxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 4 Dec 2000 18:43:28 +0100 (MET)
  • Message-id: <Pine.LNX.4.30.0012041836200.24328-100000@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Hi!

Denis Gassilloud schrieb am Mon, 4 Dec 2000 um 18:28:

> Bastian Friedrich wrote:
> >
> > Due to the inherent vulnerability of the wu.ftpd, I want to switch to a
> > different ftp daemon after upgrading one of my Webservers. It's Webmasters
> > need ftp access (*sigh*); plain text login is no choice, so port
> > forwarding of the control connection through a secure tunnel is needed
> > (in this case via ssh: ssh -L <port>:<server>:21 <server>).
> >
> try
> scp [-r...] with ssh
> sftp whith ssh2
> they also secure your data connections
> they do not use ftpd but sshd.

Once again: The box' webmasters need ftp, the box' webmasters need ftp and
they need ftp. Sometimes it's not a matter of "take another tool" :(

scp and sftp even encrypt - in contrast to "regular" ftp - the data
connection; this is - in many cases - unnecessery, in some cases even
unwanted, as it blows up connection time, system load and most of the time
even data amount (try to scp and ftp a file from one system to another in
a 10 MBit network - transfer rates may differ by a factor of two).

The primary reason for having to use ftp here is the proprietary O/S (they
call it MicroThoft Windowth or thomething) on the other side of the
connection...

Thx 4 your hint anyway.

Bye,
Basti

--
Bastian Friedrich bastian@xxxxxxxxxxxxxxxxxxxx
Adress & Fon available on my HP http://www.bastian-friedrich.de/
\~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\
\ Earth is 98% full... please delete anyone you can.


< Previous Next >
References